Study reveals women working in cybersecurity are younger, have achieved higher
levels of education and are assuming leadership roles at higher rates than men

Clearwater, FL, April 2, 2019 – (ISC)² – the world’s largest nonprofit membership association of certified cybersecurity professionals – today released its 2019 Women in Cybersecurity report, which reveals that women now represent 24% of the cybersecurity workforce.

This estimate is a higher percentage than in past reports in part due to the adoption of a new sample methodology that creates a more accurate and holistic representation of the cybersecurity and IT/ICT professionals responsible for securing their organizations’ critical assets. While the stronger representation of women in the cybersecurity workforce is encouraging, the report indicates that challenges like wage inequality remain.

“The data confirms what we’ve been seeing for the past few years on the ground. More women are coming into the field of cybersecurity with post-graduate degrees and not only working in the trenches but also in the C-suite,” said (ISC)² CEO David Shearer, CISSP. “Women in high-level positions will foster more inclusion and inspire young women to join the industry, and there are certainly many exciting opportunities available for those seeking to inspire a safe and secure cyber world. Diversity only makes us stronger.”

Signs of Progress
The newest generation of professional entrants into cybersecurity is decidedly more female than in the past. 45% of women surveyed are millennials, compared to just 33% of men. While just 24% of the industry is female today, this will change the face of the cybersecurity profession in the years to come.

Women also bring higher levels of education to cybersecurity. More women (52%) in the survey hold a post-graduate degree than their male counterparts (44%).

The report also found that although men still outnumber women in cybersecurity by about three to one overall, women in the field are advancing to leadership positions. According to survey respondents, higher percentages of women than men are attaining senior leadership and decision-making positions.

Chief Technology Officer – 7% of women vs. 2% of men

Vice President of IT – 9% of women vs. 5% of men

IT Director – 18% of women vs. 14% of men

C-level/Executive – 28% of women vs. 19% of men

“It’s an encouraging sign that more women are succeeding in cybersecurity and moving up through the ranks,” said Jennifer Minella, CISSP, vice president of engineering & security at Carolina Advanced Digital, Inc. and chairperson of the (ISC)2 Board of Directors. “For many years this hasn’t been the case, and we need to continue to do all we can to make ours a welcoming profession for the most talented and innovative individuals, regardless of gender.”

Challenges Remain
While there is evidence of progress as more women enter into and succeed in the field of cybersecurity, the report also indicates that pay inequities persist. 17% of women globally reported annual salaries between $50,000 – $90,000, as compared to 29% of men, and 15% of women earn between $100,000 – $499,999, while 20% of men earn at least that much.

For all their differences, the report indicates that men and women share a lot of the same concerns about their roles, including lack of commitment from upper management, the reputation of their organization, risk of seeing their job outsourced, lack of work/life balance, the threat of artificial intelligence (AI) reducing the need for cybersecurity workers and a lack of standardized cybersecurity terminology to effectively communicate within their organizations.

About the Report Methodology
Past (ISC)² research had estimated the percentage of women working in cybersecurity at 11%, but with a change to research methodology – including surveying IT/ICT professionals who spend at least 25% of their time on cybersecurity responsibilities –24% of study participants were women. Results presented in the report are extracted from the 2018 Cybersecurity Workforce Study, conducted by (ISC)² and Spiceworks in August 2018. The sample structure was carefully designed to obtain feedback from a diverse group of professionals responsible for securing their organization’s critical assets. 1,452 individuals from North America, Latin America, and Asia-Pacific participated in the survey. The margin of error for this research is plus or minus 3% at a 95% confidence level.

About (ISC)²Celebrating its 30th anniversary this year, (ISC)² is an international nonprofit membership association focused on inspiring a safe and secure cyber world. Best known for the acclaimed Certified Information Systems Security Professional (CISSP®) certification, (ISC)² offers a portfolio of credentials that are part of a holistic, pragmatic approach to security. Our membership, more than 140,000 strong, is made up of certified cyber, information, software and infrastructure security professionals who are making a difference and helping to advance the industry. Our vision is supported by our commitment to educate and reach the general public through our charitable foundation – The Center for Cyber Safety and Education™. For more information on (ISC)², visit www.isc2.org, follow us on Twitter or connect with us on Facebook and LinkedIn.

Social Media

All contents of this site constitute the property of (ISC)², Inc. and may not be copied, reproduced or distributed without prior written permission. (ISC)², CISSP, SSCP, CCSP, CAP, CSSLP, HCISPP, CISSP-ISSAP, CISSP-ISSEP, CISSP-ISSMP and CBK are registered certification marks of (ISC)², Inc.